Field
The present invention relates generally to user identity authentication in peer-to-peer overlay networks.
Background
Peer-to-peer (P2P) overlay networks are designed for better scalability, easier user interaction, and easier deployment of applications. Such networks are relatively open, as users may join and leave at will. One problem associated with such dynamic user participation is the uncertainty in user identity. To enable applications such as social networking and file sharing on peer-to-peer networks, consistent and verifiable user identity is desired. Also, for the security of peer-to-peer networks, the user identity needs to be established to allow the build-up of user reputation, and to allow feedback towards user behavior.
One simple solution for user identity in peer-to-peer networks would be to allow the users to claim their own identity, and use the claimed identity in subsequent overlay applications. There are drawbacks to this approach. One drawback is the difficulty in authenticating the claimed identity during the admission of the user into the P2P system, as there will be no prior established authentication credential between the user and P2P overlay. Another drawback is the difficulty for peers in the overlay to verify the identity of other peers. After a user joins the overlay, the user can use an arbitrary user id when communicating with other peers, and other users will have no way to verify the claimed identity.
There is therefore a need for a technique for user identity authentication in peer-to-peer overlay networks.